search

LedgerHQ / app-ssh-agent

Simple SSH and GPG agent for Ledger Blue and Nano S
Apache License 2.0
78 stars 27 forks source link

Unable to decrypt GPG messages on Nano X using OpenPGP app and a ed25519/cv25519 key #29

Closed juan-sebastian closed 4 years ago

juan-sebastian commented 4 years ago

Hi,

I created this new issue that is related to my comment from here https://github.com/LedgerHQ/app-ssh-agent/issues/25#issuecomment-701676616 because this seems to be solve for the app SSH/PGP but is not the case for the OpenPGP one.

I copy pasted the results found in the comment above.

Decryption still don't work when you use a ed25519/cv25519 key this are my results with the Ledger nano S and nano X.

image

$ gpg -d secret.txt.gpg
gpg: ecdh failed in gcry_cipher_decrypt: Checksum error
gpg: encrypted with 256-bit ECDH key, ID XXXXXXXXXX, created 2019-05-22
      "Juan Sebastian Pena Rodriguez <email@example.com>"
gpg: public key decryption failed: Checksum error
gpg: decryption failed: No secret key

image

$ gpg -d secret.txt.gpg
gpg: ecdh failed in gcry_cipher_decrypt: Checksum error
gpg: encrypted with 256-bit ECDH key, ID XXXXXXXXXX, created 2019-05-22
      "Juan Sebastian Pena Rodriguez <email@example.com>"
gpg: public key decryption failed: Checksum error
gpg: decryption failed: No secret key

So as you can see in both cases I'm not able to decrypt the message.

But when I use my regular Ledger Nano S with the old firmware everything work as expected as you can see below

image

$ gpg -d secret.txt.gpg
gpg: encrypted with 256-bit ECDH key, ID XXXXXXXXXX, created 2019-05-22
      "Juan Sebastian Pena Rodriguez <email@example.com>"
this is a secret
juan-sebastian commented 4 years ago

Moved issue here https://github.com/LedgerHQ/openpgp-card-app/issues/58